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~ The MAILING DA TE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)^ Responsive to communication(s) filed on 26 May 2004 . 
2a)[3 This action is FINAL. 2b)Q This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-3 and 7-14 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) ^ Claim(s) 3,4 and 14 is/are allowed. 

6) ^0 Claim(s) 1,2 and 7-13 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)Q All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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2) Q Notice of Draftsperson's Patent Drawing Review (PTO-948) 
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4) Q Interview Summary (PTO-413) 
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5) n Notice of Informal Patent Application (PTO-152) 
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DETAILED ACTION 



Response to Arguments 



1 . Applicant's arguments filed April 13, 2004 have been fully considered but they 
are not persuasive. 

The applicant argues that Touboul fails to disclose of "determining constraints to 
implement secure communication with the server from which the code was 
downloaded." The examiner respectfully disagrees. Touboul discloses of "policies for 
determining whether to allow or block incoming downloadables as the applicant has 
indicates, however Touboul '194 discloses of a signed certificate appended to the 
downloadable security profile that indicates if it is to be trusted (see col. 2, lines 10-20 
and col. 6, lines 26-35), or rather determining constraints to implement secure 
communication with the server from which the code was downloaded. Touboul '844 
similarly discloses of a signed certificate appended to the downloadable security profile 
that indicates if it is to be trusted (see col. 4, line 65 through col. 5, line 6 and col. 7, 
lines 49-67), or rather determining constraints to implement secure communication with 
the server from which the code was downloaded. 

2. The examiner acknowledges the applicant's election without traverse of claims 1- 
4 and 7-14, whereby claims 5 and 6 have been withdrawn from consideration. 

3. The examiner has found the applicant's arguments to be persuasive in regards to 
claims 3,4, and 14 and the rejection of the claims under 35 U.S.C. 102(e) is withdrawn. 
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4. The examiner has located the missing IDS references that were not available to 
the examiner in the previous action and has considered those references, copies of the 
signed PTO-1449 are included along with this action. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

6. Claims 1,2,12, and 13 are rejected under 35 U.S.C. 102(e) as being anticipated 
by Touboul, U.S. Patent 6,092,194. 

As per claims 1 and 12, it is disclosed by Touboul of a computer based method 
and of a computer readable medium containing instructions (col. 10, line 8 and col. 13, 
lines 13-15) for a downloadable (downloaded code) being received (communicated) by 
a server and is intended for a client computer (col. 10, lines 9-10) in a distributed 
system as is shown in Figure 1. A downloadable security profile (secure code) is 
compared (determined) by the server to determine if it violates (verifies if it will enforce) 
the security policy (set of constraints)(col. 10, lines 11-15). It is noted by the examiner 
that if it determined that the downloadable (downloaded code) does not contain 
suspicious operations, it is treated as trustworthy (as is recited in the abstract) and is 
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securely communicated to the client computer based on being trusted. A certificate 
further validates the downloadable security profile (secure code) as being verified from 
a trusted source (col. 6, lines 26-37). 

As per claims 2 and 13, the teachings of Touboul disclose of determining if a 
downloadable (downloaded code) will enforce a security policy (set of constraints). The 
teachings of Touboul disclose of the use of Java object oriented programming (col. 1, 
lines 65-67). It is inherent that the downloadable (downloaded code) invokes a method 
on the server for it is well known that invocation of methods is notoriously well known in 
the field of object oriented programming whereby it is known to consist of routines and 
data being treated as a discrete entity whereby calling or activating (invoking) other 
routines in response to a received message. 

7. Claims 7-1 1 are rejected under 35 U.S.C. 102(e) as being anticipated by Touboul 
et al, U.S. Patent 6,154,844. 

As per claim 7, Touboul et al discloses of a system for a downloadable being 
received (communicated) by a server, that comprises memory with web page data 
(service) that is to be executed (runs) by a processor (col. 10, lines 35-45), and is 
intended for a client computer (col. 3, lines 32-52) in a distributed system as is shown in 
Figure 1. Figure 3 shows processor for executing the program and memory containing 
the downloadable (proxy) that comprises the downloadable security profile (secure 
verifier) retrieved and facilitates use from the web page (service) whereby the 
downloadable security profile (secure verifier) is compared (determined) by the server to 
determine if it violates (verifies if it will enforce) the security policy (security 
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constraints)(col. 12, lines 30-38). It is noted by the examiner that if it determined that 
the downloadable does not contain suspicious operations, it is treated as trustworthy (as 
is recited in the abstract) and is securely communicated to the client computer based on 
being trusted. A certificate further validates the downloadable security profile as being 
verified from a trusted source (col. 5, line 59 through col. 6, line 12). It is inherent that 
the downloadable (proxy) comprising the downloadable security profile invokes a 
method on the server for it is well known that invocation of methods is notoriously well 
known in the field of object oriented programming whereby it is known to consist of 
routines and data being treated as a discrete entity whereby calling or activating 
(invoking) other routines in response to a received message. 

As per claim 8, Touboul et al teaches that the server and client computer 
communicate via the Internet (col. 3, lines 34-44). 

As per claim 9, Touboul et al discloses that the server and client computer 
communicate via a local area network (col. 3, lines 34-44). 

As per claim 10, it is taught by Touboul et al that the security profile (security 
constraints) are set by an inspector (client program)(col. 2, lines 3-8). 

As per claim 1 1 , Touboul et al discloses that the security profile (security 
constraints) are set by an inspector (service)(col. 2, lines 3-8). 



Allowable Subject Matter 

8. Claims 3,4 and 14 are allowed. 
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9. The following is a statement of reasons for the indication of allowable subject 
matter: 

It was not found to be taught in the prior art of using a first proxy code to obtain a 
second proxy code containing code for communication purposes, determining whether 
the second proxy code is trustworthy by using a trustworthiness routine, determining 
whether the server is trustworthy by using the second proxy code when it has been 
determined that the second proxy is trusted, requesting the server to determine whether 
the first proxy is trustworthy by using the second proxy when it has been determined 
that the server is trusted, and using the first proxy to invoke a method on the server 
when the first proxy has been determined to be trusted. 



10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher A. Revak whose telephone number is 703- 
305-1843. The examiner can normally be reached on Monday-Friday, 6:30am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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